Adaline Trust Center

Resource	Actions
Engagement Letter Engagement letter for security audits
SOC 2 Type II SOC 2 Type II report for Adaline platform (May 2025)
Privacy Policy Our privacy policy outlining how we handle user data
Terms of Service Terms and conditions for using our services
Data Processing Agreement Standard data processing agreement for customers
Security Policy Our comprehensive security policy
Incident Response Policy How we respond to security incidents
Access Control Policy Policies governing access to systems and data
Data Retention Policy How long we retain customer data
Encryption Policy Our encryption standards and practices
Vulnerability Management Policy How we identify and remediate vulnerabilities
Business Continuity Policy Our business continuity and disaster recovery plans
Business Continuity Plan Detailed plan for maintaining and restoring Adaline services during disruptions.
Endpoint Security Policy Requirements for securing laptops, workstations, and other endpoints at Adaline.
Business Continuity & Disaster Recovery Policy High level policy covering business continuity and disaster recovery expectations.
Personal Data Breach Notification Procedure Procedure outlining how Adaline identifies and notifies parties of personal data breaches.
Data Classification Policy Policy defining how Adaline classifies and labels data by sensitivity.
Acceptable Usage Policy Guidelines for acceptable use of Adaline systems and data.
Compliance Policy Overview of Adaline's approach to legal, regulatory, and contractual compliance.
PHI Data Breach Notification Procedure Procedure for identifying and reporting breaches involving protected health information.
Asset Management Procedure Procedures for tracking and managing information assets at Adaline.
SDLC Procedure Procedures for Adaline's secure system development lifecycle.
Vendor Management Policy Policy establishing requirements for selecting and managing third-party vendors.
Risk Assessment & Management Policy Policy describing how Adaline identifies, assesses, and manages risk.
Physical & Environmental Security Policy Policy for securing Adaline offices and physical environments.
Data Breach Notification Policy Policy governing external notifications for data breaches.
Operation Security Policy High level operations security policy for Adaline.
Incident Management Procedure Procedures for triaging and resolving security and privacy incidents.
HR Security Procedure HR procedures to support onboarding, offboarding, and personnel security.
Privacy By Design Policy Policy requiring privacy considerations throughout system design and development.
Communications & Network Security Policy Policy for securing communications channels and networks at Adaline.
Compliance Procedure Detailed procedures that support Adaline's compliance program.
Network Security Procedure Procedures for configuring and maintaining network security controls.
Incident Management Policy Policy establishing responsibilities and requirements for incident management.
Media Disposal Policy Policy for secure disposal of media storing sensitive data.
Code of Business Conduct Policy Code of conduct describing expected behavior for Adaline personnel.
Vendor Management Procedure Procedures for evaluating and monitoring vendors.
Asset Management Policy Policy defining ownership and lifecycle requirements for assets.
Operations Security Procedure Procedures implementing Adaline's operations security controls.
Access Control Procedure Procedures supporting Adaline's access control policy.
HR Security Policy Policy defining HR-related security requirements.
Information Security Policy Top level information security policy for Adaline.
Organization of Information Security Policy Policy describing roles and responsibilities for information security.
System Acquisition and Development Lifecycle Policy Policy governing acquisition and development of systems throughout the SDLC.
Physical and Environmental Security Procedure Procedures implementing physical and environmental security controls.
Data Protection Policy Policy describing how Adaline protects personal and sensitive data.
PCI Charter Charter describing Adaline's PCI DSS governance and responsibilities.
AI System Impact Assessment Procedure Procedures for assessing impact and risks of AI systems.
AI SDLC Policy and Procedure Policy and procedures for secure AI system development lifecycle.
AI Acceptable Usage Policy Policy governing acceptable use of AI systems and models.
AI Data Management Policy and Procedure Policy and procedures for managing data used in AI systems.
AIMS Communication Plan Communication plan for Adaline's AI management system (AIMS).
AI Security Policy Security requirements specific to Adaline's AI systems.
AI System Impact Assessment Policy High level policy for AI system impact assessments.
Cardholder Data Management Policy Policy for protecting and processing cardholder data.
Cloud Security Policy Policy describing security requirements for Adaline's cloud environments.
Security Whitepaper Comprehensive overview of our security practices
Architecture Diagram High-level architecture of our platform
Backup Procedures Data backup and recovery procedures
Change Management Process How we manage system changes
Security Onboarding Checklist Security requirements for new employees
Security Offboarding Checklist Security procedures for employee offboarding
Vendor Security Assessment How we assess vendor security
Compliance Matrix Mapping of controls to compliance frameworks
ISMS Scope Document Scope document for Adaline's Information Security Management System (ISMS).
Corrective actions and preventive actions register (CAPA) Register of corrective and preventive actions (CAPA) for ISMS findings.
ISMS Manual Manual describing Adaline's Information Security Management System.
System Description Detailed description of Adaline's in-scope systems.
AI Roles & Responsibilities Document listing AI related roles and responsibilities at Adaline.
ISMS Information Security Roles & Responsibilities Document describing ISMS information security roles and responsibilities.
AIMS Scope Document Scope document for Adaline's AI management system (AIMS).
Data flow diagram Diagram showing data flows for key Adaline systems.
Pentest Report Most recent penetration testing report for Adaline.
Records of Processing Activities (ROPA) & Data flow map Records of processing activities (ROPA) and corresponding data flow map.
AIMS Manual Manual describing Adaline's AI management system (AIMS).
AI Lifecycle Document Documentation of Adaline's AI system lifecycle.

Engagement Letter

Engagement letter for security audits

SOC 2 Type II

SOC 2 Type II report for Adaline platform (May 2025)

Privacy Policy

Our privacy policy outlining how we handle user data

Terms of Service

Terms and conditions for using our services

Data Processing Agreement

Standard data processing agreement for customers

Security Policy

Our comprehensive security policy

Incident Response Policy

How we respond to security incidents

Access Control Policy

Policies governing access to systems and data

Data Retention Policy

How long we retain customer data

Encryption Policy

Our encryption standards and practices

Vulnerability Management Policy

How we identify and remediate vulnerabilities

Business Continuity Policy

Our business continuity and disaster recovery plans

Business Continuity Plan

Detailed plan for maintaining and restoring Adaline services during disruptions.

Endpoint Security Policy

Requirements for securing laptops, workstations, and other endpoints at Adaline.

Business Continuity & Disaster Recovery Policy

High level policy covering business continuity and disaster recovery expectations.

Personal Data Breach Notification Procedure

Procedure outlining how Adaline identifies and notifies parties of personal data breaches.

Data Classification Policy

Policy defining how Adaline classifies and labels data by sensitivity.

Acceptable Usage Policy

Guidelines for acceptable use of Adaline systems and data.

Compliance Policy

Overview of Adaline's approach to legal, regulatory, and contractual compliance.

PHI Data Breach Notification Procedure

Procedure for identifying and reporting breaches involving protected health information.

Asset Management Procedure

Procedures for tracking and managing information assets at Adaline.

SDLC Procedure

Procedures for Adaline's secure system development lifecycle.

Vendor Management Policy

Policy establishing requirements for selecting and managing third-party vendors.

Risk Assessment & Management Policy

Policy describing how Adaline identifies, assesses, and manages risk.

Physical & Environmental Security Policy

Policy for securing Adaline offices and physical environments.

Data Breach Notification Policy

Policy governing external notifications for data breaches.

Operation Security Policy

High level operations security policy for Adaline.

Incident Management Procedure

Procedures for triaging and resolving security and privacy incidents.

HR Security Procedure

HR procedures to support onboarding, offboarding, and personnel security.

Privacy By Design Policy

Policy requiring privacy considerations throughout system design and development.

Communications & Network Security Policy

Policy for securing communications channels and networks at Adaline.

Compliance Procedure

Detailed procedures that support Adaline's compliance program.

Network Security Procedure

Procedures for configuring and maintaining network security controls.

Incident Management Policy

Policy establishing responsibilities and requirements for incident management.

Media Disposal Policy

Policy for secure disposal of media storing sensitive data.

Code of Business Conduct Policy

Code of conduct describing expected behavior for Adaline personnel.

Vendor Management Procedure

Procedures for evaluating and monitoring vendors.

Asset Management Policy

Policy defining ownership and lifecycle requirements for assets.

Operations Security Procedure

Procedures implementing Adaline's operations security controls.

Access Control Procedure

Procedures supporting Adaline's access control policy.

HR Security Policy

Policy defining HR-related security requirements.

Information Security Policy

Top level information security policy for Adaline.

Organization of Information Security Policy

Policy describing roles and responsibilities for information security.

System Acquisition and Development Lifecycle Policy

Policy governing acquisition and development of systems throughout the SDLC.

Physical and Environmental Security Procedure

Procedures implementing physical and environmental security controls.

Data Protection Policy

Policy describing how Adaline protects personal and sensitive data.

PCI Charter

Charter describing Adaline's PCI DSS governance and responsibilities.

AI System Impact Assessment Procedure

Procedures for assessing impact and risks of AI systems.

AI SDLC Policy and Procedure

Policy and procedures for secure AI system development lifecycle.

AI Acceptable Usage Policy

Policy governing acceptable use of AI systems and models.

AI Data Management Policy and Procedure

Policy and procedures for managing data used in AI systems.

AIMS Communication Plan

Communication plan for Adaline's AI management system (AIMS).

AI Security Policy

Security requirements specific to Adaline's AI systems.

AI System Impact Assessment Policy

High level policy for AI system impact assessments.

Cardholder Data Management Policy

Policy for protecting and processing cardholder data.

Cloud Security Policy

Policy describing security requirements for Adaline's cloud environments.

Security Whitepaper

Comprehensive overview of our security practices

Architecture Diagram

High-level architecture of our platform

Backup Procedures

Data backup and recovery procedures

Change Management Process

How we manage system changes

Security Onboarding Checklist

Security requirements for new employees

Security Offboarding Checklist

Security procedures for employee offboarding

Vendor Security Assessment

How we assess vendor security

Compliance Matrix

Mapping of controls to compliance frameworks

ISMS Scope Document

Scope document for Adaline's Information Security Management System (ISMS).

Corrective actions and preventive actions register (CAPA)

Register of corrective and preventive actions (CAPA) for ISMS findings.

ISMS Manual

Manual describing Adaline's Information Security Management System.

System Description

Detailed description of Adaline's in-scope systems.

AI Roles & Responsibilities

Document listing AI related roles and responsibilities at Adaline.

ISMS Information Security Roles & Responsibilities

Document describing ISMS information security roles and responsibilities.

AIMS Scope Document

Scope document for Adaline's AI management system (AIMS).

Data flow diagram

Diagram showing data flows for key Adaline systems.

Pentest Report

Most recent penetration testing report for Adaline.

Records of Processing Activities (ROPA) & Data flow map

Records of processing activities (ROPA) and corresponding data flow map.

AIMS Manual

Manual describing Adaline's AI management system (AIMS).

AI Lifecycle Document

Documentation of Adaline's AI system lifecycle.

Resources